Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
File: 4875c926-8b00-4b21-bffa-08659e5c223d.roa (raw, json)
Hash identifier: aJ+nPJ9Y+C8jgG0ZOx7IOK9ngWOLfIQP/tzF6wbtMao=
Subject key identifier: 02:DD:2E:81:39:2F:A0:63:6E:7A:6D:F7:A1:BE:93:55:7F:C0:13:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 382D229EB4EFCF90BF688E1757B64AB9AB4EAEBA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:2d:22:9e:b4:ef:cf:90:bf:68:8e:17:57:b6:4a:b9:ab:4e:ae:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=32f668530e6579b26090e1853445189fa76c3672babaa66a9cb05aa618b79605, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3f:f6:70:a8:6a:a3:9e:2a:90:27:47:77:53:
4e:38:6b:d2:e8:bb:0a:0b:e3:a0:bb:ba:bd:d1:9e:
87:6d:14:d6:a9:97:41:e1:71:50:02:bb:74:1d:57:
8f:3c:17:8e:81:40:af:81:fa:a5:bd:d3:71:54:35:
0b:f5:c7:ad:2e:a3:4b:3c:20:59:e5:ea:da:ba:2a:
e8:a7:18:22:17:72:9c:df:3c:9e:44:74:ba:37:97:
dc:67:d8:16:d9:b2:46:9d:7c:42:79:d5:9a:52:40:
48:3e:ba:6a:84:7b:7e:8b:98:33:e9:5a:29:88:09:
d8:b2:66:52:7e:fa:10:80:d5:8e:61:9a:bc:65:c6:
2d:09:6d:82:95:c2:ae:e1:be:d2:b4:0e:d3:4a:79:
a5:fb:12:54:e3:6a:49:c6:ad:c8:ea:5e:bf:15:b5:
95:75:54:3a:cc:d4:1c:cd:f2:8d:2a:5b:87:48:07:
a5:d5:07:80:5f:40:41:dd:15:fa:e3:ca:49:70:04:
56:dc:78:81:43:53:e8:cf:00:31:30:28:de:76:70:
fa:00:77:6b:69:a2:ae:6c:cb:1b:f4:eb:e0:a0:03:
c0:be:96:04:c3:62:e9:ea:22:9c:92:a3:cb:6b:4c:
a1:5e:01:c8:da:ed:45:17:c7:af:87:23:52:48:82:
a1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:DD:2E:81:39:2F:A0:63:6E:7A:6D:F7:A1:BE:93:55:7F:C0:13:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/40
Signature Algorithm: sha256WithRSAEncryption
53:19:fe:b1:ce:be:94:f1:8c:05:9d:d6:b8:5e:07:c9:e8:eb:
dd:d5:89:a7:32:a0:9e:e0:41:f4:e3:25:9f:a0:ad:29:28:e9:
da:bf:8e:ed:89:4f:d9:3c:ef:8e:71:3f:ba:6d:5a:6e:df:55:
45:f6:29:f0:cc:30:c2:23:c3:f5:e4:bd:99:f2:6e:03:e6:86:
66:71:20:55:fa:58:be:44:cd:2b:73:d1:d9:88:3f:da:eb:3a:
bc:44:9d:4d:6a:c0:ac:8b:ff:04:a2:61:53:bb:a5:87:ce:1c:
e1:53:fd:42:23:9c:83:e7:04:0c:d9:c9:14:88:6f:64:2a:46:
f8:06:49:eb:9f:d8:35:b7:2f:87:1e:22:f5:7a:da:d3:74:6e:
40:67:d5:15:43:8a:c1:e9:0a:34:59:ef:e2:fd:91:fe:3e:29:
a5:47:f1:4d:6b:5d:0b:a9:79:02:30:c2:9d:bb:d9:4d:2c:eb:
ab:73:08:01:bb:8d:58:07:20:47:f0:29:37:80:cc:40:87:81:
8c:46:90:ff:d7:06:d8:1b:11:c8:b4:bf:e1:6e:6e:71:a0:51:
c0:e9:a2:cb:2b:a3:36:54:22:e2:8b:60:74:83:78:2d:5f:06:
eb:95:d5:f1:01:2b:0f:fe:33:bf:74:57:1f:41:6f:f7:63:f1:
51:63:0d:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOC0inrTvz5C/aI4XV7ZKuatOrrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyZjY2ODUzMGU2NTc5YjI2MDkwZTE4NTM0NDUxODlmYTc2YzM2NzJiYWJh
YTY2YTljYjA1YWE2MThiNzk2MDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOM/9nCoaqOeKpAnR3dTTjhr0ui7CgvjoLu6vdGeh20U1qmXQeFxUAK7dB1X
jzwXjoFAr4H6pb3TcVQ1C/XHrS6jSzwgWeXq2roq6KcYIhdynN88nkR0ujeX3GfY
FtmyRp18QnnVmlJASD66aoR7fouYM+laKYgJ2LJmUn76EIDVjmGavGXGLQltgpXC
ruG+0rQO00p5pfsSVONqScatyOpevxW1lXVUOszUHM3yjSpbh0gHpdUHgF9AQd0V
+uPKSXAEVtx4gUNT6M8AMTAo3nZw+gB3a2mirmzLG/Tr4KADwL6WBMNi6eoinJKj
y2tMoV4ByNrtRRfHr4cjUkiCoXMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQC3S6B
OS+gY256bfehvpNVf8AT/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDg3NWM5MjYtOGIwMC00YjIxLWJmZmEtMDg2NTllNWMyMjNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBTGf6xzr6U8YwFnda4XgfJ6Ovd1YmnMqCe4EH0
4yWfoK0pKOnav47tiU/ZPO+OcT+6bVpu31VF9inwzDDCI8P15L2Z8m4D5oZmcSBV
+li+RM0rc9HZiD/a6zq8RJ1NasCsi/8EomFTu6WHzhzhU/1CI5yD5wQM2ckUiG9k
Kkb4Bknrn9g1ty+HHiL1etrTdG5AZ9UVQ4rB6Qo0We/i/ZH+PimlR/FNa10LqXkC
MMKdu9lNLOurcwgBu41YByBH8Ck3gMxAh4GMRpD/1wbYGxHItL/hbm5xoFHA6aLL
K6M2VCLii2B0g3gtXwbrldXxASsP/jO/dFcfQW/3Y/FRYw1G
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:10 2025 by rpki-client